CO 9-1-1 Summary Update April 27, 2026

PUC, TASK FORCE, AND CO UPDATE

If you missed the NASNA panel discussion on Tuesday, April 14, or would like to review it, here’s a link to the recording (note that it was recorded by NASNA, not the Colorado 9-1-1 Program, and so is not on the Task Force YouTube). Thank you so much to Daryl Branson for organizing and moderating the panel, and thank you to all the panelists!

—-------------------------------------------------------------

PSAP DIRECTORS: CCNC is cracking down on radio console restarts. THESE RESTARTS MUST OCCUR EACH MONTH, between the 15th and 30th of each month. EVERY RADIO CONSOLE (THE ACTUAL COMPUTER, not just the program) YOU HAVE MUST BE FULLY RESTARTED, AS WELL AS YOUR AIS AND NETWORK MANAGEMENT CLIENTS, in order to implement security patches. IT’S IMPERATIVE THAT THIS IS DONE. PLEASE incorporate these restarts into your monthly policies and procedures. CCNC has a policy that allows them to shut off access to the system for those not in compliance. 

-----------------------------

26A-0140T  2026 BES Improvement Plan. CenturyLink filed its proposed improvement plan. More information can be found here, and the NDA that needs to be filed in order to have access to confidential documents can be found here (in the 4/8/26 meeting folder). 

26A-0083T Elbert County Application to Increase ETC. Elbert County Communications Authority has applied for approval to increase their ETC to $4.00. On 4/16/26 Elbert County filed to withdraw the application. More information can be found here. 

For current updates on open 9-1-1-related proceedings, please see this page on the Colorado 9-1-1 Program website. You can always look up more information on DORA’s E-filings site, linked here, by searching for the proceeding number. 

—-----------------------------------------------------------

 FEDERAL LEGISLATIVE, FCC UPDATE, AND OTHER NATIONAL NEWS

NENA is pleased to announce the publication of the NENA Standard for NG9-1-1 GIS Data Model, NENA-STA-006.3-2026 [cdn.ymaws.com]. This document defines the Geographic Information System (GIS) Data Model, which supports the NENA Next Generation 9-1-1 (NG9-1-1) Core Services (NGCS) of location validation and geospatial call routing to the appropriate agency for dispatch. This model also defines several GIS data layers used in local Public Safety Answering Point (PSAP) and response agency mapping applications for handling and responding to 9-1-1 calls. Click this link for GIS Data Templates.

—-------------------------------------------------

Click this link for more information on Sirius XM Service for Public Safety

—-------------------------

Please click this link to see updated information from CISA on potential compromise of Cisco Devices

CO 911 IN THE NEWS

If you have a news item you want to share, please send it to me!

LEARNING OPPORTUNITIES

 "From Policy to Practice" free webinar hosted by MCP: Public safety and government organizations are facing increasing pressure to keep up with evolving regulations, emerging technologies, and growing risk exposure—but many lack the visibility and structure to stay ahead.

Join us on Tuesday, April 28th, 2026, at 1:00 p.m. Eastern for Mission Critical Partners’ webinar, “From Policy to Practice: Strengthening Governance, Compliance & Risk in a Changing Environment.” In this one-hour session, we’ll share practical strategies to help you close gaps, strengthen oversight, and take a more proactive approach to GRC across your organization.

Key takeaways include:

• Improve how you track and manage policy and regulatory changes

• Strengthen compliance monitoring and reporting processes

• Identify and prioritize risk more effectively across the organization

• Address policy gaps created by new technologies and operational changes

• Understand where AI can enhance GRC efficiency and oversight

Reserve your spot using this link.

—----------------------------------------------------------------------

Want some FREE training for your telecommunicators? Remember the presentation about T-CPR at January’s Task Force meeting? We’ve already had several centers enroll their folks in the FREE T-CPR training, and the AHA’s goal is to train every 9-1-1 professional in CO. Did I mention FREE?? For more information, reach out to Stephanie Chapman at Stephanie.Chapman@heart.org. Want more information about T-CPR? Check out the new NENA Standard, which is open for public comment. 

—---------------------------------------------------

NENA classes being held in CO, click for more information:

CTO Buena Vista 7/21-7/23

911 Center Supervisor Vail 5/12-5/14

Center Manager Certification Program (CMCP) 6/8-6/12

—--------------------------------------------

QUARTERLY THREAT BRIEFING

CISA Region 8 and the DHS Office of Intelligence and Analysis (I&A) Region 8 are hosting an Unclassified Quarterly Threat Briefing Webinar. This webinar will review physical, cyber, and foreign threats to critical infrastructure and supply chain security. Reference the attached flyer for additional details.

 

Event Information

• Date: June 18, 2026

• Time: 1 pm MDT

• Registration Link: CISA Region 8 Quarterly Threat Briefing

 

SECURING PUBLIC GATHERINGS WEBINAR

CISA Region 8 is hosting a Securing Public Gatherings Webinar to provide tools and resources to assist with protection of public areas from a variety of threats. Reference the attached flyer for additional details.

 

Event Information

• Date: May 20, 2026

• Time: 10 am MDT

• Registration Link: Securing Public Gatherings Webinar

 

 

SECURING SYSTEMS TRAININGS

WEBINAR: Living Off the Land (LOTL): An Intrusion Technique Overview

The Cybersecurity and Infrastructure Security Agency (CISA) is offering the cybersecurity awareness webinar, Living Off the Land (LOTL): An Intrusion Technique Overview (SS130) on May 5, 2026 from 9 - 10 a.m. MDT. This is an entry-level webinar designed for security practitioners.

Participants can earn 1 Continuing Professional Education (CPE) credit for attending.

The webinar covers:

• Common attack methods: Identify common LOTL techniques and tools that are currently being used.

• Key Guidance for Organizations: Introduce Zero Trust principles for detecting and mitigating resources and tools for LOTL attacks that enable organizations and individuals to use log analysis to query for threat activity including: Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and using Active Directory and PowerShell to run scripts.

• CISA Guidance: Review the areas highlighted from the Joint Guidance: Identifying and Mitigating Living Off the Land Techniques.

• Case Studies: Discuss the People’s Republic of China Volt Typhoon campaign highlighting the tools used, how full domain compromise was obtained, and persistence over exploitation.

• Knowledge Check: The course concludes with a brief knowledge check section to reinforce key concepts and takeaways.

Register here

 

WEBINAR: Defend Against Ransomware Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) is offering the Defend Against Ransomware Attacks (SS109) webinar on May 7, 2026 from 9 - 10 a.m. MDT. This is an entry-level webinar designed for security practitioners.

Participants can earn 1 Continuing Professional Education (CPE) credit for attending.

The webinar covers:

• Common attack methods: Understand what ransomware is, its large-scale impacts, how these attacks have evolved, signs of an attack, and response strategies.

• Key guidance: CISA will share tips on reducing ransomware impact and recovering from attacks.

• Case studies: Review real-world ransomware incidents and learn how victims respond and recover.

• Knowledge check: Reinforce key points with brief knowledge check questions.

 

Register here

 

For more information about Incident Response and Securing Systems Training, visit Incident Response Training | CISA.

 

 

CONFLICT PREVENTION WEBINAR SERIES

CISA is hosting a Conflict Prevention Webinar Series to introduce CISA's Conflict Prevention techniques and resources and de-escalation products and resources. The webinars are intended to provide information to help diffuse volatile situations and enhance the safety and security of people, facilities, and communities by empowering users to prevent incidents of targeted violence.

 

INTRODUCTION TO CONFLICT PREVENTION TECHNIQUES

Date: May 13, 2026

Time: 11:30 AM MT (30 minutes)

Register Here

 

CONFLICT PREVENTION STRATEGIES TO DETER TARGETED VIOLENCE

Date: May 27, 2026

Time: 11:30 AM MT (60 minutes)

Register Here

 

Reference the flyers for more details and visit Conflict Prevention | Cybersecurity and Infrastructure Security Agency CISA and De-escalation Products and Resources | CISA.

 

 

CISA and Partners Release Advisory on Iranian-Affiliated Cyber Actors Targeting US Critical Infrastructure

CISA, in partnership with Federal Bureau of Investigation, National Security Agency, Environmental Protection Agency, Department of Energy, and United States Cyber Command - Cyber National Mission Force published joint Cybersecurity Advisory Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure. The advisory warns U.S. organizations of ongoing cyber exploitation targeting internet-connected operational technology devices, including Rockwell Automation/Allen-Bradley programmable logic controllers (PLCs), across multiple critical infrastructure sectors, including Government Services and Facilities (to include local municipalities), Water and Wastewater Systems, and Energy.

These disruptions include malicious interactions with the project file and manipulation of data on human machine interface and supervisory control and data acquisition displays, resulting in operational disruption and financial loss. The authoring agencies recommend organizations review the tactics, techniques, and procedures and indicators of compromise in this advisory for indications of current or historical activity on their networks and apply the recommendations in this advisory to reduce the risk of compromise.

Key Actions

• Remove PLCs from direct internet exposure via secure gateway and firewall.

• Query available logs for the provided IOCs in the corresponding time frames.

• Check available logs for suspicious traffic on the ports associated with OT devices, including 44818, 2222, 102, and 502, especially traffic originating from overseas hosting providers.

• Place the physical key switch on the controller into the run position. Contact the authoring agencies and Rockwell Automation for guidance if you believe your organization was targeted.

For more information on Iranian malicious cyber activity, see CISA’s Iran Cyber Threat Overview and Advisories webpage and the FBI’s Iran Threat webpage.

 

 

For the latest Region 8 Training & Event Schedule, view the calendar: CISA Region 8 Events 

OTHER NEWS

The Colorado 9-1-1 Services Enterprise Board maintains a website, including meeting schedules, agendas, and minutes, here. Be sure to keep up with their activities, and their meetings are always open to the public. 

—------------------------------------------------------------------------

Please note that I am happy to travel to your area to present to your Authority Board, PSAP, or anyone else, on the State 9-1-1 Program. Have questions about surcharges, the tariff, how to participate in 9-1-1 at the state level, or anything else? I’m always happy to help! I can also present virtually.  Don’t hesitate to reach out if I can be of assistance to you!

Have a great week!